Published at LXer:
Two popular open-source packages were recently sabotaged with mischievous commits, creating confusion among those using the software and exacerbating concerns about the fragility of the open-source software supply chain.